Scenario 15: Cyber Attack
Executive Summary
Casualties | None directly |
Infrastructure Damage | Cyber |
Evacuations/Displaced Persons | None |
Contamination | None |
Economic Impact | Millions of dollars |
Potential for Multiple Events | Yes |
Recovery Timeline | Weeks |
Scenario Overview:
General Description -
In this scenario, the Universal Adversary conducts cyber attacks that affect several parts of the nation's financial infrastructure over the course of several weeks. Specifically, credit-card processing facilities are hacked and numbers are released to the Internet, causing 20 million cards to be cancelled; automated teller machines (ATMs) fail nearly simultaneously across the nation; major companies report payroll checks are not being received by workers; and several large pension and mutual fund companies have computer malfunctions so severe that they are unable to operate for more than a week. Individually, these attacks are not dangerous - but combined, they shatter faith in the stability of the system. Citizens no longer trust any part of the U.S. financial system and foreign speculators make a run on the dollar.
Timeline/Event Dynamics -
Several years are needed for preparation. The attack is executed over a few weeks to ensure extended press coverage and undermine confidence in the financial system. However, there are no secondary hazards/events.
Key Implications:
No fatalities, significant injuries, or property damage are expected. However, significant disruptions across many or most sectors of the financial industry do occur. The greatest impact of this event will be on the economy.
Mission Areas Activated:
Prevention/Deterrence/Protection - | The strength of private sector finance companies will be tested in regard to prevention, deterrence, and protection. |
Emergency Assessment/Diagnosis - | The attack will be difficult to recognize. Initially, failures may be mistaken for normal malfunctions, and analysis will have to be performed to link failures across many parts of the financial sector. |
Emergency Management/Response - | Emergency response will be split between (1) technically bringing systems back online and instituting business continuity process, and (2) controlling the public perception of the situation to restore confidence and prevent panic. |
Incident/Hazard Mitigation - | None. |
Public Protection - | None. |
Victim Care - | Citizens and investors will look for government assurances that their losses will be made whole. |
Investigation/Apprehension - | Using intelligence and law enforcement sources and methods, the investigators will need to determine the likely technical source and the identity of the perpetrators. |